Файл: EasyHost v2.0/system/htdocs/manager/init.pl
Строк: 82
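# Login gate for the manager area. Three paths:
#   1. POST with command=manager  -> check credentials, create a session.
#   2. 15-character 'login' cookie -> validate the existing session.
#   3. anything else               -> redirect to '/'.
# $system is provided by the including script and is not defined here.
#
# NOTE(review): $system->error is used as if it ends the request (see the
# `|| $system->error(...)` form below); that is assumed, not shown - confirm.

# Ask clients and proxies not to cache this response.
print "Pragma: no-cache\n";
print "Cache-control: no-cache\n";

my $login = undef;

if ($system->param('command') eq 'manager' && $system->env('REQUEST_METHOD') eq 'POST')
{
    my $username = $system->param('username');
    $system->error('The username name field is required') if (!$username);

    # \A...\z instead of ^...$ so a value with a trailing newline is rejected.
    $system->error('The username field contains invalid characters')
        if ($username !~ /\A\w+[\w\-.]+\z/);

    # NOTE(review): "not found" and "incorrect password" are distinct
    # messages, which tells a client whether a username exists. A single
    # generic failure message would avoid that.
    my $user = $system->service->user($username)
        || $system->error("The username you entered wasn't found in our database");

    my $password = $system->param('password');
    $system->error('The password field is required') if (!$password);

    # NOTE(review): the submitted password is compared verbatim with the
    # stored value, so users.password holds plaintext. A legacy crypt() value
    # (fixed salt 'as') is accepted once and then overwritten WITH THE
    # PLAINTEXT password. This should migrate to a salted, slow password hash
    # and a constant-time comparison; it is left as is because other readers
    # of users.password are outside this file.
    # NOTE(review): no attempt throttling or lockout is visible here; confirm
    # it exists elsewhere.
    if ($password ne $user->password)
    {
        if (crypt($password, 'as') eq $user->password)
        {
            $system->db->do('UPDATE users SET password = ? WHERE id = ?', undef, $password, $user->id);
        }
        else
        {
            $user->notice('login_incorrect', 'entered an incorrect password');
            $system->error('The password you entered is incorrect');
        }
    }

    if ($user->status != 1)
    {
        $user->notice('login_incorrect', 'tried to access their disabled account');
        $system->error('The account you are trying to access is currently disabled');
    }

    # Session token: 15 characters from [0-9a-zA-Z], drawn from the kernel
    # CSPRNG. The previous srand(time) + rand() made the token a function of
    # the login second, i.e. predictable. Length and alphabet are unchanged
    # because the cookie branch below checks for exactly 15 characters.
    my @idset = ('0'..'9', 'a'..'z', 'A'..'Z');
    my $limit = 256 - (256 % scalar(@idset));   # reject bytes >= limit: no modulo bias
    my $temp  = '';
    open(my $rng, '<:raw', '/dev/urandom')
        or die "Cannot open /dev/urandom for session token: $!";
    while (length($temp) < 15)
    {
        my $byte;
        # Fail closed: never fall back to a weaker generator.
        (read($rng, $byte, 1) || 0) == 1
            or die "Short read from /dev/urandom while generating session token";
        my $value = ord($byte);
        next if ($value >= $limit);
        $temp .= $idset[$value % scalar(@idset)];
    }
    close($rng);

    # Values inserted: token, user id, client address, '/', NOW(). The column
    # names of `logins` are not visible from this file.
    $system->db->do('REPLACE INTO logins VALUES (?,?,?,?,NOW())', undef, $temp, $user->id, $system->env('REMOTE_ADDR'), '/');
    $system->db->do('UPDATE users SET date_online = NOW() WHERE id = ?', undef, $user->id);

    # NOTE(review): confirm set_cookie marks these cookies HttpOnly and Secure;
    # its attributes are not visible here.
    $system->set_cookie('login', $temp);
    $system->set_cookie('login_user', $user->id);
    $user->notice('login', 'successfully logged into their account');
    $system->redirect;
}
elsif (length($system->cookie('login')) == 15)
{
    # Existing session. On any failure the 'login' cookie is overwritten with
    # '1', whose length is not 15, so the next request takes the redirect branch.
    $login = $system->login;

    if (!$login->user)
    {
        $system->set_cookie('login', '1');
        $system->error("The account you are trying to access wasn't found in our database");
    }

    if ($login->user->status != 1)
    {
        $system->set_cookie('login', '1');
        $system->error('The account you are trying to access is currently disabled');
    }

    # The 'login_user' cookie must name the same user the session resolves to.
    if ($system->cookie('login_user') != $login->user->id)
    {
        $system->set_cookie('login', '1');
        $system->error('Your session has expired, please login again');
    }
}
else
{
    # No login attempt and no plausible session cookie.
    $system->redirect('/');
}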